<?php
/**
 * Signin ~ authentication service
 *
 * @author  Badrus Said <badrus.said@gmail.com>
 * @resource
 * @singleton
 */
final class vfs_Signin {
    private function getAttribute($USR) {
        $att = array();

        return $att;
    }
    public function POST($ticket = null) {
        if (is_null($ticket) || ($ticket !== $_SESSION["MD5"])) return "INVALID TICKET";
        $ufwk = getService();
        if ($ufwk->isUser()) return true;
        $isOk = false;
        $conn = getConnection();
        $name = $ufwk->getParameter($_SESSION["UID"]);
        $word = $ufwk->getParameter($_SESSION["PID"]);
        if (is_null($name) || is_null($word) || (strlen($word) != 32)) {
            $isOk = "NAMA PENGGUNA DAN SANDI HARUS DI-ISI.";
        } else {
            $rset = $conn->executeQuery("SELECT * FROM vfs_users WHERE USR='%s' AND USR_HASH='%s' AND BEGDA<=CURRENT_DATE AND BEGDA IS NOT NULL AND (ENDDA>=CURRENT_DATE OR ENDDA IS NULL)", $name, $word);
            if ($rset->next()) {
                $isOk = true;
                $USR = $rset->get("USR");
                $_SESSION["USR"] = $USR;
                $_SESSION["USR_NAME"] = $rset->get("USR_NAME");
                $_SESSION["ATR"] = $this->getAttribute($USR);
                unset($_SESSION["UID"]);
                unset($_SESSION["PID"]);
                unset($_SESSION["MD5"]);
            } else {
                $isOk = 'NAMA PENGGUNA ATAU SANDI SALAH.'.$word;
            }
        }
        return $isOk;
    }
}
?>